All my Reolink Cameras keep trying to access Oracle Servers

wisemanjaw

Over the past year of using my collection of 7 Reolink cameras in my home, every once in a while I have noticed that each of them is occasionally trying to access outside IP addresses which my AT&T security support has blocked, sending me notifications when it happens. This has happened from all of my POE cameras on multiple occasions. 

Since I've tried to occasionally access my cameras from outside our home, I had assumed that it had something to do with how Reolink allows you to do this using UUIDs. I have also noted recently that it seems to happen when I attempt to view a camera remotely from outside my home.

However, this had happened so many times I started recording the IPs that the cameras were attempting to access. The list was about 7 or 8 different IP addresses and some cameras were trying to access the same IPs. After accumulating this list, I sat down and started "whois"ing each of them, assuming that it was some equipment owned by Reolink for their cloud support.

I was shocked to discover that ALL of them belonged to Oracle corporation! Furthermore, they were all associated with either Oracle in Phoenix Arizona or one other Corporate Oracle location (I think it was in New Jersey somewhere but I'd have to confirm that).

Now I'm not real familiar with how all these things work, but it almost looks like these Reolink networking products made in China have been set up to perform Denial Of Service or some other type of attack on some of Oracle's servers. Has anyone got any better ideas of what would explain why my cameras will suddenly start trying to access servers belonging to Oracle?

I've spent several hundreds of dollars purchasing all of this equipment and I am really disturbed that some third party may be using them for malicious purposes, all originating from my home network. I'm thinking now that I may need to return all of my Reolink hardware because this is just crazy!

joseph_1979

@wisemanjaw You don't have to worry about. Just read my input at https://community.reolink.com/topic/87/how-does-the-reolink-uid-actually-work/2?post_id=22657&_=1749886728110

wisemanjaw

@joseph_1979
Thank you Joseph. I found that I had already asked this question 2 months ago and you had already answered it then but I missed it. So I assume that AWS is Amazon Web Services and (at least part of them) are hosted on Oracle servers.

Although I'm not very familiar with the P2P protocols and messages that are being used, it sounds as though the camera has to be registered with a client first, and then that client actually sets up things via the P2P servers using some kind of public key encryption techniques. Since only the client(s) that the camera is registered with can set this up, therein lies the access security. Does this sound correct?

Also, My AT&T account keeps blocking attempts by the cameras to access those servers and yet when I try to access a camera from outside my home network, it still seems to work. If the cameras need access to those P2P servers to set up the connection, why is setting up connections from outside my home network still possible when access to those servers is blocked?